HUD - Sr. Incident Response Analyst
cFocus Software seeks a Sr. Incident Response Analyst to join our program supporting Housing and Urban Development (HUD). This position is remote. This position requires a Public Trust clearance.
Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
- 7+ years of experience in a SOC, cybersecurity operations, or IT security role.
- Experience with SIEM tools (e.g., Splunk), EDR solutions, and log analysis.
- Understanding of networking concepts, operating systems, and cybersecurity principles.
- Familiarity with incident response processes and security monitoring tools.
Responsibilities:
- Monitor security events and alerts using SIEM, SOAR, EDR, and other SOC tools in a 24/7/365 environment.
- Perform initial triage and analysis of security alerts to determine severity, impact, and validity.
- Identify and respond to potential security incidents, including malware, phishing, unauthorized access, and anomalous behavior.
- Escalate confirmed or high-risk incidents to Tier 2/3 analysts and incident response teams.
- Document incidents, actions taken, and findings in ticketing systems.
- Support security monitoring of network, endpoint, and cloud environments.
- Analyze logs from multiple sources (network, application, cloud, endpoint) to detect suspicious activity.
- Track and report on security incidents, including metrics such as Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
- Assist in vulnerability monitoring, including tracking Known Exploited Vulnerabilities (KEVs) and reporting findings.
- Participate in incident response activities and support containment and remediation efforts.
- Follow standard operating procedures (SOPs) and playbooks for incident handling and escalation.
- Maintain situational awareness of emerging threats and vulnerabilities.
- Support shift handoffs and maintain clear communication across SOC teams.
- Contribute to SOC reporting, dashboards, and documentation.